• 0VIX announced a temporary halt to its POS and zkEVM operations due to an exploit costing the protocol at least $2 million.
• Joint investigation with blockchain security firms revealed that the attacker had exploited the protocol using vGHST token.
• 0VIX has issued an ultimatum to the attacker in return for bug bounty of $125,000, with law enforcement involvement if no response is received.

Exploit Costs 0VIX $2 Million

The lending protocol 0VIX recently announced a temporary halt to its POS and zkEVM operations after suffering an exploit costing them at least $2 million. 0VIX was working with their security partners to investigate the situation which seems related to vGHST. This included pausing oToken transfers, minting, and liquidations.

Joint Investigation Reveals Attacker Used vGHST Token

A joint investigation between 0VIX, blockchain security firm PeckShield, and Chainalysis revealed that the attacker had managed to exploit the protocol using vGHST token. VGHST is the staking token of blockchain gaming project Aavegotchi as well as the share token for $GHST, Aavegotchi’s native token. Blocksec confirmed that vGHST was artificially inflated and its price oracle manipulated which caused $GHST’s value to increase 24.7% in less than half an hour according to CoinMarketCap data. The attacker then exchanged their loot for other tokens in what is referred to as oracle manipulation hacks—the most recent one being Mango Markets hack last October 2022 where they made off with over $117 million USDT worth of assets.

0VIX Issues Ultimatum To Attacker

In light of this attack, 0VIX has identified the attacker and issued an ultimatum via an on-chain message publicized through Twitter—offering them a bug bounty of $125,000 if they return collateral stolen from the platform; else face law enforcement involvement from 8am UTC 1 May 2023 onwards if there is no response from them before then.

Law Enforcement Involvement Scheduled If No Response Received

In order for justice to be served if no response is received by 8am UTC 1 May 2023 from the threat actor, 0VIX will take all leads acquired through public help so far and report it directly to law enforcement agencies who will then take appropriate action against him/her/it accordingly thereafter.

Conclusion

This incident serves as yet another reminder of how important it is that we remain vigilant when it comes to our digital assets—especially when dealing with sophisticated protocols like those used by DeFi projects such as 0VIx Protocol’s POS & zkEVM operations which are now temporarily halted while they investigate this attack further alongside their security partners PeckShield & Chainalysis until a resolution can be found soon enough.